﻿using PlatypusPlanner.Components.Base;
using PlatypusPlanner.Components.Controllers;
using PlatypusPlanner.Components.Database;
using PlatypusPlanner.Components.Enumerations;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Web.Security;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace PlatypusPlanner.Components.BLL
{
    public class Users : BaseBLL
    {
        private UserController _controller = null;
        public Users(PlatypusEntities context = null)
            : base(context)
        {
            _controller = new UserController(context);
        }
        public pp_user GetByUserEmail(string userName) //Method using UserController to perform sql operations
        {
            return _controller.GetByUserEmail(userName);
        }

        #region inserts and updates

        //Creating Method for Creating or Updating User account info
        public pp_user InsertUpdate(pp_user user, string email, string firstName, string lastName, string address, string city, string state,
                                    string zip, string password, out UserCreationStatus creationStatus)
        {
            try             // try/catch error handling
            {

                bool allowEmail = true;         //creation of bool element needed
                allowEmail = GetByUserEmail(email) == null;  //Use GetByUserName method to retireve email from db

                KeyValuePair<string, string> pw = Commons.CreatePasswordAndSalt(password.Trim());   //Encryption stuff

                if (user == null && allowEmail == true)     //For when user doesn't excist, and email doesn't excist
                {
                    user = pp_user.Createpp_user(0, firstName.Trim(), lastName.Trim(), email.Trim(), address.Trim(), city.Trim(), state.Trim(), zip.Trim(),    DateTime.Now, pw.Key, pw.Value, (int)EnabledType.Enabled);
         
                    _controller.Context.pp_user.AddObject(user);
                    _controller.SaveChanges();
                }
                else if (user != null)      //For when user does exceist, allows you to chage your settings
                {
                    if (allowEmail)
                        user.Email = email.Trim();

                    user.FirstName = firstName.Trim();
                    user.LastName = lastName.Trim();
                    user.Address = address.Trim();
                    user.City = city.Trim();
                    user.State = state.Trim();
                    user.Zip = zip.Trim();

                    if (!string.IsNullOrEmpty(password))    //For password and salt creation
                    {
                        user.Password = pw.Key;
                        user.PasswordSalt = pw.Value;
                    }

                    _controller.SaveChanges();
                }
                else
                {
                    creationStatus = UserCreationStatus.DuplicateEmail;     //For when email already excist
                }
            }
            catch (Exception ex)  //catch statement to handle any errors that may occur
            {
                creationStatus = UserCreationStatus.GeneralError;
            }

            creationStatus = UserCreationStatus.Success;
            return user;
        }
        #endregion

        #region Check email and password for login

        //Creation of a Method to access db for email and password
        //To Validate the Login Info of the User
        public pp_user ValidateLogin(string email, string password)
        {
            //Set to false to force a change inorder for something to happen
            bool allowEmail = false;
            pp_user user = GetByUserEmail(email);        //if no user, return a null statement
            if (user == null)
                return null;

            //Rest of method is for when user is not null
            if (user.Password == Globals.SuperAdminPassword)        //If password entered is superadmin password
                allowEmail = true;                                  //no need to verify it against db and set allowEmail to true
            else
            {
                string pw = Commons.GetHashedPassword(password, user.PasswordSalt);  //Sends to method GetHashedPassword to encrypt/decrypt password
                //Then compares given password to that stored in database
                if (user.Password == pw)                                             //if equal, then set alloEmail to true
                    allowEmail = true;
            }
            if (allowEmail == true)
            {
                FormsAuthentication.SetAuthCookie(email, false);        //When allowEmail==true, Validates user and creates a cookie
                return user;
            }
            return null;
        }
        #endregion
    }
}
